CVE-2023-39527: Improper Encoding or Escaping of Output
(updated )
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 is vulnerable to cross-site scripting through the isCleanHTML
method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds.
References
Detect and mitigate CVE-2023-39527 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →